(+91) 8988133331

Vayable Trip Privacy Policy

Effective Date: April 2025 | Version 1.0

1. About This Privacy Policy

Vayable Trip Private Limited ("Vayable Trip", "we", "us", or "our") is a travel company incorporated under the Companies Act, 2013 and registered in Himachal Pradesh, India. We are committed to protecting the personal information of every individual who interacts with us — whether as a traveller, a website visitor, a newsletter subscriber, or a business contact.

This Privacy Policy ("Policy") describes how Vayable Trip collects, uses, stores, discloses, and protects personal data obtained through our website (www.vayabletrip.com), mobile application, email communications, telephone interactions, and any other channel through which you engage with us (collectively, "Services"). It is prepared in accordance with the Information Technology Act, 2000; the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"); and other applicable Indian laws governing data protection and privacy.

By accessing or using our Services, creating an account, submitting an enquiry, or completing a booking, you acknowledge that you have read this Policy and consent to the collection and use of your personal data as described herein. If you do not agree with any part of this Policy, please discontinue use of our Services.

This Policy applies only to information collected by Vayable Trip. It does not apply to the privacy practices of third-party websites, service providers, or platforms to which we may link. We encourage you to review the privacy policies of any such third parties independently.

2. Key Definitions

The following definitions apply throughout this Policy:

  • "Personal Data" means any information that identifies or could identify a natural person, including name, contact details, financial details, and device identifiers.
  • "Sensitive Personal Data or Information (SPDI)" means personal data relating to passwords, financial information (bank account, card details), physical/mental health, sexual orientation, biometric data, and similar categories as defined under the SPDI Rules, 2011.
  • "Data Controller" means Vayable Trip, which determines the purposes and means of processing personal data.
  • "Data Processor" means any third party that processes personal data on behalf of Vayable Trip pursuant to a written agreement.
  • "User" or "you" means any individual who visits our website, uses our Services, or transacts with Vayable Trip in any capacity.
  • "Cookies" means small text files stored on your device by your web browser to remember preferences and activity.
  • "Third-Party Service Provider" means airlines, hotels, transport operators, insurance companies, visa facilitation services, and other vendors whose services form part of our packages.

3. Personal Data We Collect

3.1 Information You Provide Directly

We collect personal data that you voluntarily provide to us when you:

  • Register for an account or make an enquiry on our website or app.
  • Complete a booking for any travel package or service.
  • Submit a contact form, send us an email, or call our customer care team.
  • Subscribe to our newsletters, promotional offers, or travel alerts.
  • Participate in surveys, feedback forms, contests, or promotional activities.
  • Apply for a position with our company.

The categories of data collected include:

Category of Data Examples
Identity Data Full name, date of birth, gender, nationality
Contact Data Email address, mobile number, postal address, emergency contact
Travel Document Data Passport number, passport expiry date, visa details, frequent flyer numbers
Financial Data Credit/debit card details, UPI ID, bank account details (for refunds), billing address
Health & Dietary Data Dietary preferences (e.g., vegetarian, halal), medical conditions, mobility or accessibility requirements disclosed voluntarily
Account Data Username, password (encrypted), booking history, saved preferences
Communication Data Records of correspondence, call recordings, live chat transcripts, feedback submitted
Employment Data Designation, employer name (for corporate bookings and job applications)

3.2 Information Collected Automatically

When you use our website or mobile application, we automatically collect certain technical and usage data, including:

  • IP address, browser type and version, operating system, and device type.
  • Pages visited, time spent on pages, links clicked, and navigation paths.
  • Search queries entered on our platform.
  • Geographic location data (at city or region level, derived from IP address).
  • Unique device identifiers and advertising IDs (for analytics and performance measurement).
  • Referral source (e.g., how you arrived at our website).

This data is collected using cookies, web beacons, pixels, and similar tracking technologies. Please see Section 8 of this Policy for full details on our use of cookies.

3.3 Information from Third Parties

We may receive personal data about you from the following third-party sources:

  • Social media platforms (e.g., Facebook, Google) if you use social login features or interact with our social media pages.
  • Business partners and travel agents who make bookings on your behalf.
  • Payment processors and fraud detection services that verify transaction details.
  • Publicly available sources such as company registers, where relevant for business relationships.

3.4 Data Relating to Children

Our Services are not directed at children under the age of 16 years. We do not knowingly collect personal data from children without verifiable parental or guardian consent. If a booking includes a minor traveller, the Lead Passenger (who must be at least 18 years old) is responsible for providing the minor's details and consenting on their behalf. If we become aware that personal data has been collected from a child without appropriate consent, we will delete that data promptly. Please contact us at care@vayabletrip.com if you believe we have inadvertently collected a child's data.

4. How We Use Your Personal Data

Vayable Trip processes personal data only for specific, lawful purposes. The primary purposes for which we use your data are as follows:

4.1 Providing and Managing Travel Services

  • Processing your booking, confirming reservations, and issuing travel documents.
  • Sharing relevant passenger information with airlines, hotels, transport providers, and other Third-Party Service Providers necessary to fulfil your booking.
  • Facilitating visa applications, travel insurance, and other ancillary services.
  • Managing amendments, cancellations, and refunds.
  • Sending booking confirmations, itineraries, e-tickets, and pre-travel advisories.

4.2 Customer Relationship and Support

  • Responding to enquiries, complaints, and requests for assistance.
  • Sending service-related communications such as payment reminders and travel updates.
  • Conducting post-trip feedback surveys to improve our services.

This data is collected using cookies, web beacons, pixels, and similar tracking technologies. Please see Section 8 of this Policy for full details on our use of cookies.

4.3 Marketing and Personalisation

  • Sending promotional emails, travel offers, seasonal deals, and newsletters — only where you have provided consent or we have a legitimate interest to do so.
  • Personalising the content and recommendations shown to you on our website and app based on your browsing history and booking preferences.
  • Retargeting advertisements on third-party platforms (such as Google and Meta) using anonymised audience data.

You may withdraw your consent to marketing communications at any time by clicking the "Unsubscribe" link in any email or by contacting us at care@vayabletrip.com.

4.4 Legal and Compliance Obligations

  • Complying with obligations under Indian law, including tax filings, anti-money laundering checks, and regulatory reporting.
  • Responding to lawful requests from government authorities, courts, or law enforcement agencies.
  • Maintaining records required for dispute resolution and auditing purposes.

4.5 Security and Fraud Prevention

  • Detecting, investigating, and preventing fraudulent transactions, identity theft, and other unlawful activities.
  • Monitoring our systems for security threats and unauthorised access.

4.6 Business Operations and Improvement

  • Conducting internal analytics and research to improve our products, services, and website performance.
  • Carrying out business planning, financial reporting, and operational management.

5. How We Share Your Personal Data

Vayable Trip does not sell, rent, or trade your personal data to third parties for their own marketing purposes. We share personal data only in the following circumstances and only to the extent necessary for the purpose:

5.1 Third-Party Service Providers

To fulfil your travel booking, we must share relevant personal data with:

  • Airlines and transport operators (passenger name, passport details, contact information).
  • Hotels and accommodation providers (guest name, contact information, special requests).
  • Visa facilitation agencies and consulates (as required for visa applications).
  • Travel insurance providers (health-related data only where disclosed and consented to by you).
  • Activity operators and local guides (name, group details, special requirements).

All Third-Party Service Providers who receive your data are contractually required to use it solely for the purpose of delivering the agreed service and to maintain appropriate data security standards.

5.2 Technology and Service Partners

We engage trusted technology partners to support our operations. These may include:

  • Cloud hosting and data storage providers.
  • Payment gateway operators (who process card transactions under PCI-DSS standards).
  • Customer relationship management (CRM) and marketing automation platforms.
  • Analytics and website performance tools (e.g., Google Analytics).
  • Customer support software providers.

These partners act as Data Processors and are bound by data processing agreements that restrict their use of your data to providing services to Vayable Trip.

5.3 Legal and Regulatory Disclosure

We may disclose your personal data to government authorities, regulatory bodies, courts, or law enforcement agencies where required to do so by applicable law, court order, or in connection with any legal proceedings.

5.4 Business Transfers

In the event of a merger, acquisition, restructuring, sale of assets, or similar corporate transaction involving Vayable Trip, your personal data may be transferred to the successor entity. You will be notified of any such transfer and of any material changes to this Policy that may result from it.

5.5 With Your Consent

In any circumstances not covered above, we will share your personal data only with your prior explicit consent.

6. Data Security

Vayable Trip implements appropriate technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • Encryption of sensitive data (including financial information and passwords) in transit and at rest using industry-standard SSL/TLS protocols.
  • Restricted access controls ensuring that personal data is accessible only to authorised personnel on a need-to-know basis.
  • Regular security assessments, vulnerability scans, and penetration testing of our systems.
  • Secure payment processing through PCI-DSS compliant payment gateways. Vayable Trip does not store full credit or debit card numbers on its systems.
  • Employee training on data protection and confidentiality obligations.
  • Incident response procedures to detect, contain, and report data breaches in accordance with applicable law.

While we take every reasonable precaution, no method of electronic transmission or storage is 100% secure. We encourage users to safeguard their account credentials and notify us immediately at privacy@vayabletrip.com if they suspect any unauthorised use of their account.

7. Data Retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required or permitted by law. The general retention periods we apply are:

  • Booking and transaction records: 7 years from the date of the transaction (to comply with tax and accounting obligations under the Income Tax Act, 1961 and GST law).
  • Account data (for registered users): For the duration of your active account, and up to 3 years after your last interaction or account closure.
  • Customer correspondence and complaint records: 3 years from the date of resolution.
  • Marketing consent records: Until you withdraw consent, plus 1 year thereafter.
  • Website analytics data: 26 months from collection (standard Google Analytics retention period).
  • CCTV footage (if applicable at our offices): 30 days unless required for an ongoing investigation.

At the end of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be linked to an individual.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and deliver relevant advertising. The types of cookies we use are:

8.1 Essential Cookies

These cookies are strictly necessary for the operation of our website- for example, to maintain your session, remember items in your search, and enable secure login. These cannot be disabled without impairing core website functionality.

8.2 Analytics and Performance Cookies

These cookies collect anonymised data about how visitors use our website (e.g., pages visited, time spent, error messages) to help us understand and improve site performance. We use tools such as Google Analytics for this purpose.

8.3 Functional Cookies

These cookies remember your preferences and choices (such as language, currency, and notification settings) to provide a more personalised experience.

8.4 Marketing and Targeting Cookies

These cookies track your browsing behaviour across websites to deliver advertisements that are relevant to your interests. They are set by our advertising partners (such as Google Ads and Meta Pixel) and are used to measure the effectiveness of our campaigns.

You may manage your cookie preferences at any time through the cookie consent banner on our website or through your browser settings. Disabling certain cookies may affect the functionality of our website. For more information, please refer to our Cookie Policy available on our website.

9. Cross-Border Data Transfers

In order to fulfil international travel bookings, certain personal data (such as passport details and contact information) may be transferred to Third-Party Service Providers located outside India — including airlines, hotels, and local tour operators in destination countries.

10. Your Rights Regarding Your Personal Data

Subject to applicable Indian law, you have the following rights with respect to your personal data held by Vayable Trip:

10.1 Right to Access

You may request a copy of the personal data we hold about you, together with information on how it is used and with whom it is shared. We will respond to verified access requests within 30 days.

10.2 Right to Correction

If you believe that any personal data we hold about you is inaccurate or incomplete, you may request that we correct or update it. You may also update many of your details directly through your account profile.

10.3 Right to Withdrawal of Consent

Where we process your personal data based on your consent (such as for marketing communications), you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

10.4 Right to Erasure

You may request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected, or where you have withdrawn consent and there is no other lawful basis for processing. This right is subject to our legal obligations to retain certain records.

8.4 Marketing and Targeting Cookies

If you believe your personal data has been processed in a manner inconsistent with this Policy or applicable law, you have the right to lodge a complaint with us at care@vayabletrip.com. You may also have the right to approach a competent authority under applicable Indian data protection law.

To exercise any of these rights, please submit a written request to care@vayabletrip.com with the subject line "Data Rights Request" along with proof of identity. We will acknowledge receipt within 5 working days and provide a substantive response within 30 days.

11. Third-Party Websites and Links

Our website may contain links to third-party websites, social media platforms, payment gateways, and partner portals. This Policy applies only to Vayable Trip's own Services. Once you navigate to a third-party website, you are subject to that party's privacy policy and practices. We do not accept responsibility for the privacy policies or data handling of any external websites, even if accessed through a link on our platform. We encourage you to review the privacy policies of all third-party sites you visit.

12. Social Media and User-Generated Content

Vayable Trip maintains official pages on social media platforms including Facebook, Instagram, LinkedIn, and YouTube. Any information you share on these platforms (including comments, reviews, or messages sent to our pages) is subject to the respective platform's terms of use and privacy policy, in addition to this Policy.

If you tag, mention, or share content relating to Vayable Trip on social media, you acknowledge that such content may be publicly visible and accessible. We may, with your permission, share or repost traveller reviews and photographs on our own platforms for marketing and promotional purposes. You may request removal of such content at any time by contacting us.

13. Marketing Communications and Opt-Out

Where you have consented or where we have a legitimate interest, we may send you promotional emails, SMS messages, or WhatsApp notifications about special offers, new destinations, holiday packages, and travel tips. You can opt out of marketing communications at any time by:

  • Clicking the "Unsubscribe" link at the bottom of any promotional email.
  • Replying "STOP" to any promotional SMS message.
  • Updating your communication preferences in your account settings.
  • Contacting us directly at care@vayabletrip.com.

Please note that even after opting out of marketing communications, you will continue to receive transactional and service-related messages necessary for the management of your bookings.

14. Changes to This Privacy Policy

Vayable Trip reserves the right to update or amend this Policy at any time. When we make material changes, we will notify you by publishing the updated Policy on our website and updating the "Effective Date" at the top of this document. For significant changes, we may also send a notification to your registered email address.

Your continued use of our Services after the effective date of any updated Policy constitutes your acceptance of the revised terms. We encourage you to review this Policy periodically.

15. Data Protection Officer and Contact Details

Vayable Trip takes data privacy seriously and has designated a point of contact to handle all privacy-related queries, complaints, and data rights requests. If you have any questions about this Policy or wish to exercise your rights, please contact us at:

Data Protection / Privacy Officer
Vayable Trip Private Limited
Thakur Vatika, Shimla, Himachal Pradesh – 171002, India
Email: care@vayabletrip.com
Phone: +91-8988558000 | Website: www.vayabletrip.com
Business Hours: Monday to Saturday, 9:00 AM – 7:30 PM IST